guawazi/qiankun-fit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

🐛window variable should in with lexical scope while speedy mode enabled (#2390)

Browse Source
This commit is contained in:
Kuitos 2023-02-10 11:34:09 +08:00 committed by GitHub
parent 52b1a3c441
commit bac5e2ac69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -102,7 +102,7 @@
}, },
"dependencies": { "dependencies": {
"@babel/runtime": "^7.10.5", "@babel/runtime": "^7.10.5",
"import-html-entry": "^1.14.0", "import-html-entry": "^1.14.1",
"lodash": "^4.17.11", "lodash": "^4.17.11",
"single-spa": "^5.9.2" "single-spa": "^5.9.2"
}, },

4
src/loader.ts
View File

@ -18,7 +18,7 @@ import type {
ObjectType, ObjectType,
} from './interfaces'; } from './interfaces';
import { createSandboxContainer, css } from './sandbox'; import { createSandboxContainer, css } from './sandbox';
import { trustedGlobals } from './sandbox/common'; import { scopedGlobals } from './sandbox/common';
import { import {
Deferred, Deferred,
genAppInstanceIdByName, genAppInstanceIdByName,
@ -345,7 +345,7 @@ export async function loadApp<T extends ObjectType>(
// get the lifecycle hooks from module exports // get the lifecycle hooks from module exports
const scriptExports: any = await execScripts(global, sandbox && !useLooseSandbox, { const scriptExports: any = await execScripts(global, sandbox && !useLooseSandbox, {
scopedGlobalVariables: speedySandbox ? trustedGlobals : [], scopedGlobalVariables: speedySandbox ? scopedGlobals : [],
}); });
const { bootstrap, mount, unmount, update } = getLifecyclesFromExports( const { bootstrap, mount, unmount, update } = getLifecyclesFromExports(
scriptExports, scriptExports,

5
src/sandbox/common.ts
View File

@ -5,7 +5,6 @@
import { isBoundedFunction, isCallable, isConstructable } from '../utils'; import { isBoundedFunction, isCallable, isConstructable } from '../utils';
import { globals } from './globals'; import { globals } from './globals';
import { without } from 'lodash';
type AppInstance = { name: string; window: WindowProxy }; type AppInstance = { name: string; window: WindowProxy };
let currentRunningApp: AppInstance | null = null; let currentRunningApp: AppInstance | null = null;
@ -22,8 +21,8 @@ export function setCurrentRunningApp(appInstance: { name: string; window: Window
currentRunningApp = appInstance; currentRunningApp = appInstance;
} }
const spiedGlobals = ['window', 'self', 'globalThis', 'top', 'parent', 'hasOwnProperty', 'document', 'eval']; export const overwrittenGlobals = ['window', 'self', 'globalThis'];
export const trustedGlobals = [...without(globals, ...spiedGlobals), 'requestAnimationFrame']; export const scopedGlobals = Array.from(new Set([...globals, ...overwrittenGlobals, 'requestAnimationFrame']));
const functionBoundedValueMap = new WeakMap<CallableFunction, CallableFunction>(); const functionBoundedValueMap = new WeakMap<CallableFunction, CallableFunction>();

4
src/sandbox/patchers/dynamicAppend/common.ts
View File

@ -6,7 +6,7 @@ import { execScripts } from 'import-html-entry';
import { isFunction } from 'lodash'; import { isFunction } from 'lodash';
import { frameworkConfiguration } from '../../../apis'; import { frameworkConfiguration } from '../../../apis';
import { qiankunHeadTagName } from '../../../utils'; import { qiankunHeadTagName } from '../../../utils';
import { trustedGlobals } from '../../common'; import { scopedGlobals } from '../../common';
import * as css from '../css'; import * as css from '../css';
export const rawHeadAppendChild = HTMLHeadElement.prototype.appendChild; export const rawHeadAppendChild = HTMLHeadElement.prototype.appendChild;
@ -280,7 +280,7 @@ function getOverwrittenAppendChildOrInsertBefore(opts: {
const { fetch } = frameworkConfiguration; const { fetch } = frameworkConfiguration;
const referenceNode = mountDOM.contains(refChild) ? refChild : null; const referenceNode = mountDOM.contains(refChild) ? refChild : null;
const scopedGlobalVariables = speedySandbox ? trustedGlobals : []; const scopedGlobalVariables = speedySandbox ? scopedGlobals : [];
if (src) { if (src) {
let isRedfinedCurrentScript = false; let isRedfinedCurrentScript = false;

15
src/sandbox/proxySandbox.ts
View File

@ -1,4 +1,5 @@
/* eslint-disable no-param-reassign */ /* eslint-disable no-param-reassign */
import { without } from 'lodash';
/** /**
* @author Kuitos * @author Kuitos
* @since 2020-3-31 * @since 2020-3-31
@ -6,7 +7,8 @@
import type { SandBox } from '../interfaces'; import type { SandBox } from '../interfaces';
import { SandBoxType } from '../interfaces'; import { SandBoxType } from '../interfaces';
import { isPropertyFrozen, nativeGlobal, nextTask } from '../utils'; import { isPropertyFrozen, nativeGlobal, nextTask } from '../utils';
import { getCurrentRunningApp, getTargetValue, trustedGlobals, setCurrentRunningApp } from './common'; import { overwrittenGlobals, getCurrentRunningApp, getTargetValue, setCurrentRunningApp } from './common';
import { globals } from './globals';
type SymbolTarget = 'target' | 'globalContext'; type SymbolTarget = 'target' | 'globalContext';
@ -45,11 +47,18 @@ const globalVariableWhiteList: string[] = [
...variableWhiteListInDev, ...variableWhiteListInDev,
]; ];
// these globals should be recorded in every accessing
const accessingSpiedGlobals = ['document', 'top', 'parent', 'hasOwnProperty', 'eval'];
/* /*
variables who are impossible to be overwritten need to be escaped from proxy sandbox for performance reasons variables who are impossible to be overwritten need to be escaped from proxy sandbox for performance reasons.
see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Symbol/unscopables see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Symbol/unscopables
*/ */
const unscopables = trustedGlobals.reduce((acc, key) => ({ ...acc, [key]: true }), { __proto__: null }); const unscopables = without(globals, ...accessingSpiedGlobals, ...overwrittenGlobals).reduce(
(acc, key) => ({ ...acc, [key]: true }),
{
__proto__: null,
},
);
const useNativeWindowForBindingsProps = new Map<PropertyKey, boolean>([ const useNativeWindowForBindingsProps = new Map<PropertyKey, boolean>([
['fetch', true], ['fetch', true],